# 配置 Kubectl

本部分将生成一个用于 admin 用户的 kubeconfig 文件。

> 注意：在生成 admin 客户端证书的目录来运行本部分的指令。

## admin kubeconfig

每一个 kubeconfig 都需要一个 Kuberntes API Server 地址。为了保证高可用，这里将使用 API Servers 前端外部负载均衡器的 IP 地址。

查询 `kubernetes-the-hard-way` 的静态 IP 地址：

```bash
KUBERNETES_PUBLIC_ADDRESS=$(gcloud compute addresses describe kubernetes-the-hard-way \
    --region $(gcloud config get-value compute/region) \
    --format 'value(address)')
```

为 `admin` 用户生成 kubeconfig 文件：

```bash
kubectl config set-cluster kubernetes-the-hard-way \
    --certificate-authority=ca.pem \
    --embed-certs=true \
    --server=https://${KUBERNETES_PUBLIC_ADDRESS}:6443

kubectl config set-credentials admin \
    --client-certificate=admin.pem \
    --client-key=admin-key.pem

kubectl config set-context kubernetes-the-hard-way \
    --cluster=kubernetes-the-hard-way \
    --user=admin

kubectl config use-context kubernetes-the-hard-way
```

## 验证

检查远端 Kubernetes 群集的健康状况:

```bash
kubectl get componentstatuses
```

输出为

```bash
NAME                 STATUS    MESSAGE              ERROR
controller-manager   Healthy   ok
scheduler            Healthy   ok
etcd-2               Healthy   {"health": "true"}
etcd-0               Healthy   {"health": "true"}
etcd-1               Healthy   {"health": "true"}
```

列出远端 kubernetes cluster 的节点:

```bash
kubectl get nodes
```

输出为

```bash
NAME       STATUS   ROLES    AGE     VERSION
worker-0   Ready    <none>   2m30s   v1.18.6
worker-1   Ready    <none>   2m30s   v1.18.6
worker-2   Ready    <none>   2m30s   v1.18.6
```

下一步：[配置 Pod 网络路由](/setup/k8s-hard-way/11-pod-network-routes.md)。


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://kubernetes.feisky.xyz/setup/k8s-hard-way/10-configuring-kubectl.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.